kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

FS-10150: [freeswitch-core] Reduce writes to closed ssl sockets #resolve

This commit is contained in:
Anthony Minessale 2017-03-17 13:47:35 -05:00
parent 4a56cc6401
commit cd5182c27c
4 changed files with 117 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
libs/libks/src/kws.c
View File

@ -235,12 +235,16 @@ static int ws_client_handshake(kws_t *kws)
do { do {
bytes = kws_raw_read(kws, kws->buffer + kws->datalen, kws->buflen - kws->datalen, WS_BLOCK); bytes = kws_raw_read(kws, kws->buffer + kws->datalen, kws->buflen - kws->datalen, WS_BLOCK);
} while (bytes > 0 && !strstr((char *)kws->buffer, "\r\n\r\n")); } while (bytes > 0 && !strstr((char *)kws->buffer, "\r\n\r\n"));
char accept[128] = "";
cheezy_get_var(kws->buffer, "Sec-WebSocket-Accept", accept, sizeof(accept)); if (bytes > 0) {
char accept[128] = "";
if (zstr_buf(accept) || !verify_accept(kws, enonce, (char *)accept)) { cheezy_get_var(kws->buffer, "Sec-WebSocket-Accept", accept, sizeof(accept));
if (zstr_buf(accept) || !verify_accept(kws, enonce, (char *)accept)) {
return -1;
}
} else {
return -1; return -1;
} }
@ -273,7 +277,7 @@ static int ws_server_handshake(kws_t *kws)
} }
} }
if (bytes > kws->buflen -1) { if (bytes < 0 || bytes > kws->buflen -1) {
goto err; goto err;
} }
@ -332,11 +336,13 @@ static int ws_server_handshake(kws_t *kws)
if (!kws->stay_open) { if (!kws->stay_open) {
snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" if (bytes > 0) {
"Sec-WebSocket-Version: 13\r\n\r\n"); snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n"
respond[511] = 0; "Sec-WebSocket-Version: 13\r\n\r\n");
respond[511] = 0;
kws_raw_write(kws, respond, strlen(respond)); kws_raw_write(kws, respond, strlen(respond));
}
kws_close(kws, WS_NONE); kws_close(kws, WS_NONE);
} }
@ -880,20 +886,22 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
} }
if (!kws->handshake) { if (!kws->handshake) {
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
if ((kws->datalen = kws_raw_read(kws, kws->buffer, 9, kws->block)) < 0) { if ((kws->datalen = kws_raw_read(kws, kws->buffer, 9, kws->block)) < 0) {
if (kws->datalen == -2) { if (kws->datalen == -2) {
return -2; return -2;
} }
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
if (kws->datalen < need) { if (kws->datalen < need) {
if ((kws->datalen += kws_raw_read(kws, kws->buffer + kws->datalen, 9 - kws->datalen, WS_BLOCK)) < need) { ssize_t bytes = kws_raw_read(kws, kws->buffer + kws->datalen, 9 - kws->datalen, WS_BLOCK);
if (bytes < 0 || (kws->datalen += bytes) < need) {
/* too small - protocol err */ /* too small - protocol err */
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
} }
@ -929,7 +937,7 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
if (need > kws->datalen) { if (need > kws->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
} }
@ -949,9 +957,9 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
more = kws_raw_read(kws, kws->buffer + kws->datalen, need - kws->datalen, WS_BLOCK); more = kws_raw_read(kws, kws->buffer + kws->datalen, need - kws->datalen, WS_BLOCK);
if (more < need - kws->datalen) { if (more < 0 || more < need - kws->datalen) {
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} else { } else {
kws->datalen += more; kws->datalen += more;
} }
@ -970,7 +978,7 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
if (need > kws->datalen) { if (need > kws->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
u16 = (uint16_t *) kws->payload; u16 = (uint16_t *) kws->payload;
@ -988,7 +996,7 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
if (need < 0) { if (need < 0) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
blen = kws->body - kws->bbuffer; blen = kws->body - kws->bbuffer;
@ -1019,7 +1027,7 @@ KS_DECLARE(ks_ssize_t) kws_read_frame(kws_t *kws, kws_opcode_t *oc, uint8_t **da
if (r < 1) { if (r < 1) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return kws_close(kws, WS_PROTO_ERR); return kws_close(kws, WS_NONE);
} }
kws->datalen += r; kws->datalen += r;

2
libs/sofia-sip/.update
View File

@ -1 +1 @@
Tue Feb 14 14:26:14 CST 2017 Fri Mar 17 13:47:30 CDT 2017

136
libs/sofia-sip/libsofia-sip-ua/tport/ws.c
View File

@ -14,7 +14,7 @@
#define ms_sleep(x) usleep( x * 1000); #define ms_sleep(x) usleep( x * 1000);
#else #else
#define ms_sleep(x) Sleep( x ); #define ms_sleep(x) Sleep( x );
#endif #endif
#ifdef _MSC_VER #ifdef _MSC_VER
/* warning C4706: assignment within conditional expression*/ /* warning C4706: assignment within conditional expression*/
@ -32,11 +32,11 @@ static struct ws_globals_s ws_globals;
#ifndef WSS_STANDALONE #ifndef WSS_STANDALONE
void init_ssl(void) void init_ssl(void)
{ {
// SSL_library_init(); // SSL_library_init();
} }
void deinit_ssl(void) void deinit_ssl(void)
{ {
return; return;
} }
@ -110,13 +110,13 @@ void init_ssl(void) {
assert(ws_globals.ssl_ctx); assert(ws_globals.ssl_ctx);
/* Disable SSLv2 */ /* Disable SSLv2 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_SSLv2);
/* Disable SSLv3 */ /* Disable SSLv3 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_SSLv3); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_SSLv3);
/* Disable TLSv1 */ /* Disable TLSv1 */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_TLSv1); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_TLSv1);
/* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */ /* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */
SSL_CTX_set_options(globals.ssl_ctx, SSL_OP_NO_COMPRESSION); SSL_CTX_set_options(ws_globals.ssl_ctx, SSL_OP_NO_COMPRESSION);
/* set the local certificate from CertFile */ /* set the local certificate from CertFile */
SSL_CTX_use_certificate_file(ws_globals.ssl_ctx, ws_globals.cert, SSL_FILETYPE_PEM); SSL_CTX_use_certificate_file(ws_globals.ssl_ctx, ws_globals.cert, SSL_FILETYPE_PEM);
/* set the private key from KeyFile */ /* set the private key from KeyFile */
@ -169,28 +169,28 @@ static int cheezy_get_var(char *data, char *name, char *buf, size_t buflen)
e = strchr(v, '\n'); e = strchr(v, '\n');
} }
} }
if (v && e) { if (v && e) {
int cplen; int cplen;
size_t len = e - v; size_t len = e - v;
if (len > buflen - 1) { if (len > buflen - 1) {
cplen = buflen -1; cplen = buflen -1;
} else { } else {
cplen = len; cplen = len;
} }
strncpy(buf, v, cplen); strncpy(buf, v, cplen);
*(buf+cplen) = '\0'; *(buf+cplen) = '\0';
return 1; return 1;
} }
} }
} }
return 0; return 0;
} }
static int b64encode(unsigned char *in, size_t ilen, unsigned char *out, size_t olen) static int b64encode(unsigned char *in, size_t ilen, unsigned char *out, size_t olen)
{ {
int y=0,bytes=0; int y=0,bytes=0;
size_t x=0; size_t x=0;
@ -234,7 +234,7 @@ static void sha1_digest(char *digest, unsigned char *in)
SHA1Update(&sha, in, strlen(in)); SHA1Update(&sha, in, strlen(in));
SHA1Final(&sha, digest); SHA1Final(&sha, digest);
} }
#else #else
static void sha1_digest(unsigned char *digest, char *in) static void sha1_digest(unsigned char *digest, char *in)
{ {
@ -272,18 +272,18 @@ int ws_handshake(wsh_t *wsh)
} }
} }
if (bytes > wsh->buflen -1) { if (bytes < 0 || bytes > wsh->buflen -1) {
goto err; goto err;
} }
*(wsh->buffer + wsh->datalen) = '\0'; *(wsh->buffer + wsh->datalen) = '\0';
if (strncasecmp(wsh->buffer, "GET ", 4)) { if (strncasecmp(wsh->buffer, "GET ", 4)) {
goto err; goto err;
} }
p = wsh->buffer + 4; p = wsh->buffer + 4;
e = strchr(p, ' '); e = strchr(p, ' ');
if (!e) { if (!e) {
goto err; goto err;
@ -296,11 +296,11 @@ int ws_handshake(wsh_t *wsh)
cheezy_get_var(wsh->buffer, "Sec-WebSocket-Key", key, sizeof(key)); cheezy_get_var(wsh->buffer, "Sec-WebSocket-Key", key, sizeof(key));
cheezy_get_var(wsh->buffer, "Sec-WebSocket-Version", version, sizeof(version)); cheezy_get_var(wsh->buffer, "Sec-WebSocket-Version", version, sizeof(version));
cheezy_get_var(wsh->buffer, "Sec-WebSocket-Protocol", proto, sizeof(proto)); cheezy_get_var(wsh->buffer, "Sec-WebSocket-Protocol", proto, sizeof(proto));
if (!*key) { if (!*key) {
goto err; goto err;
} }
snprintf(input, sizeof(input), "%s%s", key, WEBSOCKET_GUID); snprintf(input, sizeof(input), "%s%s", key, WEBSOCKET_GUID);
sha1_digest(output, input); sha1_digest(output, input);
b64encode((unsigned char *)output, SHA1_HASH_SIZE, (unsigned char *)b64, sizeof(b64)); b64encode((unsigned char *)output, SHA1_HASH_SIZE, (unsigned char *)b64, sizeof(b64));
@ -309,7 +309,7 @@ int ws_handshake(wsh_t *wsh)
snprintf(proto_buf, sizeof(proto_buf), "Sec-WebSocket-Protocol: %s\r\n", proto); snprintf(proto_buf, sizeof(proto_buf), "Sec-WebSocket-Protocol: %s\r\n", proto);
} }
snprintf(respond, sizeof(respond), snprintf(respond, sizeof(respond),
"HTTP/1.1 101 Switching Protocols\r\n" "HTTP/1.1 101 Switching Protocols\r\n"
"Upgrade: websocket\r\n" "Upgrade: websocket\r\n"
"Connection: Upgrade\r\n" "Connection: Upgrade\r\n"
@ -331,11 +331,13 @@ int ws_handshake(wsh_t *wsh)
if (!wsh->stay_open) { if (!wsh->stay_open) {
snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" if (bytes > 0) {
"Sec-WebSocket-Version: 13\r\n\r\n"); snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n"
respond[511] = 0; "Sec-WebSocket-Version: 13\r\n\r\n");
respond[511] = 0;
ws_raw_write(wsh, respond, strlen(respond)); ws_raw_write(wsh, respond, strlen(respond));
}
ws_close(wsh, WS_NONE); ws_close(wsh, WS_NONE);
} }
@ -358,7 +360,7 @@ ssize_t ws_raw_read(wsh_t *wsh, void *data, size_t bytes, int block)
if (r == -1) { if (r == -1) {
err = SSL_get_error(wsh->ssl, r); err = SSL_get_error(wsh->ssl, r);
if (err == SSL_ERROR_WANT_READ) { if (err == SSL_ERROR_WANT_READ) {
if (!block) { if (!block) {
r = -2; r = -2;
@ -393,7 +395,7 @@ ssize_t ws_raw_read(wsh_t *wsh, void *data, size_t bytes, int block)
} }
} }
} while (r == -1 && xp_is_blocking(xp_errno()) && wsh->x < 1000); } while (r == -1 && xp_is_blocking(xp_errno()) && wsh->x < 1000);
end: end:
if (wsh->x >= 10000 || (block && wsh->x >= 1000)) { if (wsh->x >= 10000 || (block && wsh->x >= 1000)) {
@ -407,7 +409,7 @@ ssize_t ws_raw_read(wsh_t *wsh, void *data, size_t bytes, int block)
if (r >= 0) { if (r >= 0) {
wsh->x = 0; wsh->x = 0;
} }
return r; return r;
} }
@ -448,13 +450,13 @@ ssize_t ws_raw_write(wsh_t *wsh, void *data, size_t bytes)
if (ssl_err) { if (ssl_err) {
r = ssl_err * -1; r = ssl_err * -1;
} }
return r; return r;
} }
do { do {
r = send(wsh->sock, (void *)((unsigned char *)data + wrote), bytes - wrote, 0); r = send(wsh->sock, (void *)((unsigned char *)data + wrote), bytes - wrote, 0);
if (r > 0) { if (r > 0) {
wrote += r; wrote += r;
} }
@ -471,9 +473,9 @@ ssize_t ws_raw_write(wsh_t *wsh, void *data, size_t bytes)
} }
ms_sleep(ms); ms_sleep(ms);
} }
} while (--sanity > 0 && ((r == -1 && xp_is_blocking(xp_errno())) || (wsh->block && wrote < bytes))); } while (--sanity > 0 && ((r == -1 && xp_is_blocking(xp_errno())) || (wsh->block && wrote < bytes)));
//if (r<0) { //if (r<0) {
//printf("wRITE FAIL: %s\n", strerror(errno)); //printf("wRITE FAIL: %s\n", strerror(errno));
//} //}
@ -559,7 +561,7 @@ int establish_logical_layer(wsh_t *wsh)
if (code == 0) { if (code == 0) {
return -1; return -1;
} }
if (code < 0) { if (code < 0) {
if (code == -1 && SSL_get_error(wsh->ssl, code) != SSL_ERROR_WANT_READ) { if (code == -1 && SSL_get_error(wsh->ssl, code) != SSL_ERROR_WANT_READ) {
return -1; return -1;
@ -579,11 +581,11 @@ int establish_logical_layer(wsh_t *wsh)
} }
} while (wsh->sanity > 0); } while (wsh->sanity > 0);
if (!wsh->sanity) { if (!wsh->sanity) {
return -1; return -1;
} }
} }
while (!wsh->down && !wsh->handshake) { while (!wsh->down && !wsh->handshake) {
@ -601,7 +603,7 @@ int establish_logical_layer(wsh_t *wsh)
} }
wsh->logical_established = 1; wsh->logical_established = 1;
return 0; return 0;
} }
@ -662,7 +664,7 @@ void ws_destroy(wsh_t *wsh)
if (wsh->down > 1) { if (wsh->down > 1) {
return; return;
} }
wsh->down = 2; wsh->down = 2;
if (wsh->write_buffer) { if (wsh->write_buffer) {
@ -688,15 +690,15 @@ void ws_destroy(wsh_t *wsh)
} }
ssize_t ws_close(wsh_t *wsh, int16_t reason) ssize_t ws_close(wsh_t *wsh, int16_t reason)
{ {
if (wsh->down) { if (wsh->down) {
return -1; return -1;
} }
wsh->down = 1; wsh->down = 1;
if (wsh->uri) { if (wsh->uri) {
free(wsh->uri); free(wsh->uri);
wsh->uri = NULL; wsh->uri = NULL;
@ -724,7 +726,7 @@ ssize_t ws_close(wsh_t *wsh, int16_t reason)
wsh->sock = ws_sock_invalid; wsh->sock = ws_sock_invalid;
return reason * -1; return reason * -1;
} }
@ -743,7 +745,7 @@ uint64_t ntoh64(uint64_t val)
ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data) ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
{ {
ssize_t need = 2; ssize_t need = 2;
char *maskp; char *maskp;
int ll = 0; int ll = 0;
@ -769,20 +771,22 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
if (!wsh->handshake) { if (!wsh->handshake) {
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) { if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) {
if (wsh->datalen == -2) { if (wsh->datalen == -2) {
return -2; return -2;
} }
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if (wsh->datalen < need) { if (wsh->datalen < need) {
if ((wsh->datalen += ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK)) < need) { ssize_t bytes = ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK);
if (bytes < 0 || (wsh->datalen += bytes) < need) {
/* too small - protocol err */ /* too small - protocol err */
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -804,7 +808,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
{ {
int fin = (wsh->buffer[0] >> 7) & 1; int fin = (wsh->buffer[0] >> 7) & 1;
int mask = (wsh->buffer[1] >> 7) & 1; int mask = (wsh->buffer[1] >> 7) & 1;
if (!fin && *oc != WSOC_CONTINUATION) { if (!fin && *oc != WSOC_CONTINUATION) {
frag = 1; frag = 1;
@ -814,17 +818,17 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (mask) { if (mask) {
need += 4; need += 4;
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
wsh->plen = wsh->buffer[1] & 0x7f; wsh->plen = wsh->buffer[1] & 0x7f;
wsh->payload = &wsh->buffer[2]; wsh->payload = &wsh->buffer[2];
if (wsh->plen == 127) { if (wsh->plen == 127) {
uint64_t *u64; uint64_t *u64;
int more = 0; int more = 0;
@ -838,16 +842,16 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK); more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK);
if (more < need - wsh->datalen) { if (more < 0 || more < need - wsh->datalen) {
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} else { } else {
wsh->datalen += more; wsh->datalen += more;
} }
} }
u64 = (uint64_t *) wsh->payload; u64 = (uint64_t *) wsh->payload;
wsh->payload += 8; wsh->payload += 8;
wsh->plen = ntoh64(*u64); wsh->plen = ntoh64(*u64);
@ -859,7 +863,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
u16 = (uint16_t *) wsh->payload; u16 = (uint16_t *) wsh->payload;
@ -877,14 +881,14 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need < 0) { if (need < 0) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
blen = wsh->body - wsh->bbuffer; blen = wsh->body - wsh->bbuffer;
if (need + blen > (ssize_t)wsh->bbuflen) { if (need + blen > (ssize_t)wsh->bbuflen) {
void *tmp; void *tmp;
wsh->bbuflen = need + blen + wsh->rplen; wsh->bbuflen = need + blen + wsh->rplen;
if ((tmp = realloc(wsh->bbuffer, wsh->bbuflen))) { if ((tmp = realloc(wsh->bbuffer, wsh->bbuflen))) {
@ -897,25 +901,25 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
wsh->rplen = wsh->plen - need; wsh->rplen = wsh->plen - need;
if (wsh->rplen) { if (wsh->rplen) {
memcpy(wsh->body, wsh->payload, wsh->rplen); memcpy(wsh->body, wsh->payload, wsh->rplen);
} }
while(need) { while(need) {
ssize_t r = ws_raw_read(wsh, wsh->body + wsh->rplen, need, WS_BLOCK); ssize_t r = ws_raw_read(wsh, wsh->body + wsh->rplen, need, WS_BLOCK);
if (r < 1) { if (r < 1) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
wsh->datalen += r; wsh->datalen += r;
wsh->rplen += r; wsh->rplen += r;
need -= r; need -= r;
} }
if (mask && maskp) { if (mask && maskp) {
ssize_t i; ssize_t i;
@ -923,7 +927,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
wsh->body[i] ^= maskp[i % 4]; wsh->body[i] ^= maskp[i % 4];
} }
} }
if (*oc == WSOC_PING) { if (*oc == WSOC_PING) {
ws_write_frame(wsh, WSOC_PONG, wsh->body, wsh->rplen); ws_write_frame(wsh, WSOC_PONG, wsh->body, wsh->rplen);
@ -939,7 +943,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
*data = (uint8_t *)wsh->bbuffer; *data = (uint8_t *)wsh->bbuffer;
//printf("READ[%ld][%d]-----------------------------:\n[%s]\n-------------------------------\n", wsh->packetlen, *oc, (char *)*data); //printf("READ[%ld][%d]-----------------------------:\n[%s]\n-------------------------------\n", wsh->packetlen, *oc, (char *)*data);
@ -987,7 +991,7 @@ ssize_t ws_write_frame(wsh_t *wsh, ws_opcode_t oc, void *data, size_t bytes)
hdr[1] = 127; hdr[1] = 127;
hlen += 8; hlen += 8;
u64 = (uint64_t *) &hdr[2]; u64 = (uint64_t *) &hdr[2];
*u64 = hton64(bytes); *u64 = hton64(bytes);
} }
@ -1002,17 +1006,17 @@ ssize_t ws_write_frame(wsh_t *wsh, ws_opcode_t oc, void *data, size_t bytes)
abort(); abort();
} }
} }
bp = (uint8_t *) wsh->write_buffer; bp = (uint8_t *) wsh->write_buffer;
memcpy(bp, (void *) &hdr[0], hlen); memcpy(bp, (void *) &hdr[0], hlen);
memcpy(bp + hlen, data, bytes); memcpy(bp + hlen, data, bytes);
raw_ret = ws_raw_write(wsh, bp, (hlen + bytes)); raw_ret = ws_raw_write(wsh, bp, (hlen + bytes));
if (raw_ret != (ssize_t) (hlen + bytes)) { if (raw_ret != (ssize_t) (hlen + bytes)) {
return raw_ret; return raw_ret;
} }
return bytes; return bytes;
} }

34
src/mod/endpoints/mod_verto/ws.c
View File

@ -272,7 +272,7 @@ int ws_handshake(wsh_t *wsh)
} }
} }
if (bytes > wsh->buflen -1) { if (bytes < 0 || bytes > wsh->buflen -1) {
goto err; goto err;
} }
@ -331,11 +331,13 @@ int ws_handshake(wsh_t *wsh)
if (!wsh->stay_open) { if (!wsh->stay_open) {
snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" if (bytes > 0) {
"Sec-WebSocket-Version: 13\r\n\r\n"); snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n"
respond[511] = 0; "Sec-WebSocket-Version: 13\r\n\r\n");
respond[511] = 0;
ws_raw_write(wsh, respond, strlen(respond)); ws_raw_write(wsh, respond, strlen(respond));
}
ws_close(wsh, WS_NONE); ws_close(wsh, WS_NONE);
} }
@ -769,20 +771,22 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
} }
if (!wsh->handshake) { if (!wsh->handshake) {
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) { if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) {
if (wsh->datalen == -2) { if (wsh->datalen == -2) {
return -2; return -2;
} }
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
if (wsh->datalen < need) { if (wsh->datalen < need) {
if ((wsh->datalen += ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK)) < need) { ssize_t bytes = ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK);
if (bytes < 0 || (wsh->datalen += bytes) < need) {
/* too small - protocol err */ /* too small - protocol err */
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -818,7 +822,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
} }
@ -838,9 +842,9 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK); more = ws_raw_read(wsh, wsh->buffer + wsh->datalen, need - wsh->datalen, WS_BLOCK);
if (more < need - wsh->datalen) { if (more < 0 || more < need - wsh->datalen) {
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} else { } else {
wsh->datalen += more; wsh->datalen += more;
} }
@ -859,7 +863,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need > wsh->datalen) { if (need > wsh->datalen) {
/* too small - protocol err */ /* too small - protocol err */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
u16 = (uint16_t *) wsh->payload; u16 = (uint16_t *) wsh->payload;
@ -877,7 +881,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (need < 0) { if (need < 0) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
blen = wsh->body - wsh->bbuffer; blen = wsh->body - wsh->bbuffer;
@ -908,7 +912,7 @@ ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data)
if (r < 1) { if (r < 1) {
/* invalid read - protocol err .. */ /* invalid read - protocol err .. */
*oc = WSOC_CLOSE; *oc = WSOC_CLOSE;
return ws_close(wsh, WS_PROTO_ERR); return ws_close(wsh, WS_NONE);
} }
wsh->datalen += r; wsh->datalen += r;